package cn.tedu.jdbc;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.Scanner;

public class JDBC5 {
    //解决注入攻击
    public static void main(String[] args) throws Exception {
        Class.forName("com.mysql.cj.jdbc.Driver");
        String url="jdbc:mysql://localhost:3306/cgb2015";
        String user="root";
        String psd="root";
        Connection conn = DriverManager.getConnection(url, user, psd);
        System.out.println("账号");
        String a = new Scanner(System.in).nextLine();
        System.out.println("密码");
        String b = new Scanner(System.in).nextLine();
        String sql="select * from user where name=? and password=?";
        PreparedStatement ps = conn.prepareStatement(sql);
        ps.setString(1,a);
        ps.setString(2,b);
        ResultSet rs = ps.executeQuery();
        if(rs.next()){
            System.out.println("成功");
        }else{
            System.out.println("失败");
        }
        rs.close();
        ps.close();
        conn.close();

    }
}
